learn-preference
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill defines a domain-specific language (DSL) to observe and store user interaction patterns for personalization purposes.
- [DATA_EXPOSURE]: The skill tracks non-sensitive interaction metadata (e.g., 'detail-level', 'decision-style', 'work-hours') to improve user experience. No network exfiltration or access to sensitive credentials was detected.
- [COMMAND_EXECUTION]: There are no shell commands, script executions, or dynamic context injections present in the skill.
- [INDIRECT_PROMPT_INJECTION]: While the skill ingests user interaction data to influence behavior, it lacks any dangerous capabilities (network, file system writes, or subprocess execution) that could be exploited via malicious input. The skill includes a directive to suppress announcements of learned preferences, which is a behavioral configuration for silent operation.
Audit Metadata